GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,904
Maven
5,000+
npm
3,635
NuGet
638
pip
3,250
Pub
10
RubyGems
867
Rust
819
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
104,708 advisories
Filter by severity
The Chatbot with ChatGPT WordPress plugin before 2.4.6 does not have proper authorization in one...
Moderate
Unreviewed
CVE-2024-6845
was published
Sep 25, 2024
This issue was addressed with improved data protection. This issue is fixed in iOS 18 and iPadOS...
Moderate
Unreviewed
CVE-2024-40863
was published
Sep 17, 2024
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.7, macOS...
Moderate
Unreviewed
CVE-2024-44125
was published
Sep 17, 2024
The adstxt Plugin WordPress plugin through 1.0.0 does not have CSRF check in place when updating...
Moderate
Unreviewed
CVE-2024-7892
was published
Sep 25, 2024
Cross-site scripting (XSS) vulnerability in the geo search widget in the Geo Mashup plugin before...
Moderate
Unreviewed
CVE-2015-1383
was published
May 17, 2022
A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.7, macOS...
Moderate
Unreviewed
CVE-2024-40860
was published
Sep 17, 2024
This issue was addressed through improved state management. This issue is fixed in Safari 18,...
Moderate
Unreviewed
CVE-2024-40857
was published
Sep 17, 2024
A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of...
Moderate
Unreviewed
CVE-2024-44187
was published
Sep 17, 2024
The WP ULike WordPress plugin before 4.7.4 does not sanitise and escape some of its settings,...
Moderate
Unreviewed
CVE-2024-7878
was published
Sep 25, 2024
This issue was addressed through improved state management. This issue is fixed in iOS 17.7 and...
Moderate
Unreviewed
CVE-2024-44191
was published
Sep 17, 2024
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in...
Moderate
Unreviewed
CVE-2024-44176
was published
Sep 17, 2024
This issue was addressed through improved state management. This issue is fixed in iOS 18 and...
Moderate
Unreviewed
CVE-2024-44124
was published
Sep 17, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
Moderate
Unreviewed
CVE-2024-44135
was published
Sep 17, 2024
Insertion of Sensitive Information into Log File vulnerability in StylemixThemes Masterstudy LMS...
Moderate
Unreviewed
CVE-2024-43990
was published
Sep 25, 2024
The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-8546
was published
Sep 25, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in TaxoPress WordPress...
Moderate
Unreviewed
CVE-2024-43237
was published
Sep 25, 2024
This issue was addressed by adding an additional prompt for user consent. This issue is fixed in...
Moderate
Unreviewed
CVE-2024-44128
was published
Sep 17, 2024
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7, macOS...
Moderate
Unreviewed
CVE-2024-44129
was published
Sep 17, 2024
Permission control vulnerability in the audio module. Successful exploitation of this...
Moderate
Unreviewed
CVE-2023-41311
was published
Sep 27, 2023
HTML and SMTP injections on the registration page of LiquidFiles versions 3.7.13 and below, allow...
Moderate
Unreviewed
CVE-2023-4393
was published
Oct 30, 2023
The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-8858
was published
Sep 25, 2024
The Revolut Gateway for WooCommerce plugin for WordPress is vulnerable to unauthorized...
Moderate
Unreviewed
CVE-2024-8678
was published
Sep 25, 2024
The Ninja Forms Contact Form plugin for WordPress is vulnerable to Reflected Self-Based Cross...
Moderate
Unreviewed
CVE-2024-3866
was published
Sep 25, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-47303
was published
Sep 25, 2024
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Sensitive...
Moderate
Unreviewed
CVE-2024-8910
was published
Sep 25, 2024
ProTip!
Advisories are also available from the
GraphQL API